package com.donghu.openapiinterface.controller;

import cn.hutool.http.HttpUtil;
import com.donghu.openapiclientsdk.Utils.SignUtils;
import com.donghu.openapiclientsdk.model.User;
import org.springframework.web.bind.annotation.*;

import javax.servlet.http.HttpServletRequest;

@RestController
@RequestMapping("/name")
public class NameController {
    @GetMapping("/get")
    public String getNameByGet(String name, HttpServletRequest request) {
        String yupi = request.getHeader("yupi");
        System.out.println(yupi);
        return "你的名字是：" + name;
    }

    @PostMapping("/")
    public String getNameByPost(@RequestParam String name) {
        return "Post 你的名字时：" + name;
    }

    @PostMapping("/user")
    public String getUsernameByPost(@RequestBody User user, HttpServletRequest request) {
        String accessKey = request.getHeader("accessKey");
        String nonce = request.getHeader("nonce");
        String timestamp = request.getHeader("timestamp");
        String sign = request.getHeader("sign");
        String body = request.getHeader("body");

        //todo 实际情况应该是从数据库中查找是否已分配刚给用户
        if (!accessKey.equals("donghu")) {
            throw new RuntimeException("无权限");
        }
        // TODO 随机数可以使用redis存储
        if (Long.parseLong(nonce) > 100000000) {
            throw new RuntimeException("无权限");
        }
        //TODO 时间和当前时间不能超过5分钟
//        if (timestamp){
//
//        }
        // TODO 实际情况中是从数据库中查询该用户的secretKey
        String s = SignUtils.getSign(body, "lwlwlw");
        if (!sign.equals(s)) {
            throw new RuntimeException("无权限");
        }
        String result = "post 用户名是：" + user.getUsername();
        return result;
    }


}
